Last active
November 30, 2021 12:14
Revisions
-
geosharma renamed this gist
Sep 13, 2017 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
geosharma created this gist
Sep 13, 2017 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,330 @@ # Notes on Arch Linux installation ### Key features: BIOS, GPT, encryption, btrfs, xfs. encrypted btrfs root, unencrypted xfs `/home` This was created to document the procedures followed during the installation of Arch Linux. This is intended to act as a guide in the event a full installation is required in the future. This is primarily for my own use. I plan to document each step with code. If anyone finds this helpful, then please use it at your own risk, I assume no responsibility for any damage incurred from following these notes. I would recommend that you follow the [Arch Linux Installation Guide](https://wiki.archlinux.org/index.php/installation_guide) and the Arch Linux wikis, rather than these set of notes. ## Setup * Computer: HP DV6000 * Hard disk: 230 SSD ## References: In addition to the Arch Linux Installation Guide, webpages and blogs listed below were very helpful: * [Fitzcarraldo's Blog](https://fitzcarraldoblog.wordpress.com/2017/02/10/partitioning-hard-disk-drives-for-bios-mbr-bios-gpt-and-uefi-gpt-in-linux/) * [Mathletic ](https://tincman.wordpress.com/2011/01/20/installing-arch-linux-onto-a-gpt-partitioned-btrfs-root-ssd-on-a-legacy-bios-system/) * [gutoandreollo](https://gist.github.com/gutoandreollo/e12455886149a6c85a70) * [bparmentier](https://github.com/bparmentier/www/blob/master/posts/how-to-install-arch-linux-on-an-encrypted-btrfs-partition.md) * [stafwag blog](http://stafwag.github.io/blog/blog/2016/08/30/arch-on-an-encrypted-btrfs-partition/) * [BrainDump](https://mzanfardino.wordpress.com/2012/05/24/repairing-broken-arch-linux/) ## GPT partitioned SSD with BIOS Based on the references, the SSD was formatted as shown below. For no particular reason, I wanted the `/` partition on *btrfs* and `/home` on *XFS*, as I read is done in openSUSE. * BIOS boot: 1MiB, Code:EF02, Flags:bios_grub, * boot: 512 MB, Code:8300, Flags:None * swap: 6 GB, Code:8200, Flags:None * root: 66 GB, Code:8300, Flags:None, Attribute: 2 (in expert mode) * home: rest, Code:8300, Flags:None * 1.00 MiB at the end of the disk [Gparted](https://gparted.org/liveusb.php) live usb can be used for partitioning the harddisk. The instructions for creating a live usb can be found at their website. [tuxboot](http://tuxboot.org/download/) can be used to create the bootable usb. The squence of commands for partitioning in **gparted** commandline are presented below: ``` sudo gdisk /dev/sda o, y n, 1, [enter], +1M, ef02 n, 2, [enter], +512M, [enter] n, 3, [enter], +6G, 8200 n, 4, [enter], +65G, [enter] n, 5, [enter], -1M, [enter] x, a, 4, 2, [enter] w, Y ``` ## File systems * BIOS boot: unformatted, location: /dev/sda1 * boot: File system: ext4, Label: boot location: /dev/sda2 * swap: File system: linux-swap, Label: swap location: /dev/sda3 * root: File system: btrfs, Label: root location: /dev/sda4 * home: File system: xfs, Label: home location: /dev/sda5 The sequence of commands to create the file systems were: ``` sudo mkfs.ext4 -L "bios" /dev/sda2 sudo mkswap -L "swap" /dev/sda3 sudo mkfs.btrfs -L "root" /dev/sda4 sudo mkfs.xfs -L "home" /dev/sda5 ``` These steps can be performed with the ARCH installation image, however using **gparted** gives the option of visualisation in the gui. ## Making Arch Live USB Download the image from the website and write the image using [USBWriter](https://sourceforge.net/projects/usbwriter/). It is one of the recommended writers. Boot with Arch live usb. ## Steps from Arch Linux Installation Guide Once again the **Installation Guide** is the correct document to follow. ### Internet connection If the device has no wired connection, to get the wireless working follow [Wireless network configuration](https://wiki.archlinux.org/index.php/Wireless_network_configuration). These were the sequence of commands for inspection and setting up the wireless connection. Use `ip link` to determine wireless interface. The wireless interface was `wlp2s0`. If using wireless then stop the *dhcpcd* daemon for wired connection. ``` systemctl stop dhcpcd@ Tab lspci -k ip link ip link set wlp2s0 up iw dev wlp2s0 scan | less wpa_supplicant -i wlp2s0 -c < (wpa_passphrase "SSID" "key") ``` *wlp2s0* was the wireless interface. If connection to wireless is successful use `Ctrl+c` to quit *wpa_supplicant* and add `-B` switch to run the command in background. ``` wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "SSID" "key") iw dev wlp2s0 link dhcpcd wlp2s0 ``` ### Update system clock ``` timedatectl set-ntp true timedatectl set-timezone America/Kentucky/Louisville timedatectl set-local-rtc true ``` ### Disk partition Partition the disk as desired. ### Format partitions Format each of the partitions as desired. ### Prepare encrypted partition ``` cryptsetup --cipher aes-xts-plain64 --hash sha512 --use-random --verify-passphrase luksFormat /dev/sda4 cryptsetup luksOpen /dev/sda4 cryptroot mkfs.btrfs /dev/mapper/cryptroot mount -o noatime,compress=lzo,discard,ssd,defaults /dev/mapper/cryptroot /mnt ``` Create btrfs subvolumes ``` cd /mnt btrfs subvolume create __active btrfs subvolume create __active/rootvol btrfs subvolume create __active/var btrfs subvolume create __snapshots ``` System configuration ``` cd umount /mnt mount -o subvol=__active/rootvol /dev/mapper/cryptroot /mnt mkdir /mnt/{home,var} mount -o inode64,nobarrier /dev/sda5 /mnt/home mount -o subvol=__active/var /dev/mapper/cryptroot /mnt/var mkdir /mnt/boot mount /dev/sda2 /mnt/boot sync ``` ### Install System ``` pacstrap /mnt base base-devel btrfs-progs ``` ### Generate fstab ``` genfstab -U -p /mnt >> /mnt/etc/fstab ``` Chroot into the new System ``` arch-chroot /mnt ``` ### Set time zone ``` ln -sf /usr/share/zoneinfo/America/Kentucky/Louisville /etc/localtime hwclock --systohc ``` ### Locale Uncomment `en_US.UTF-8 UTF-8` in `/etc/locale.gen` ``` locale-gen ``` Set `LANG` variable in *locale.conf* ``` nano /etc/locale.conf LANG=en_US.UTF-8 ``` ### Hostname Create the *hostname* file ``` nano /etc/hostname myhostname ``` Add a matching entry to *hosts* ``` nano /etc/hosts 127.0.0.1 localhost.localdomain localhost ::1 localhost.localdomain localhost 127.0.1.1 myhostname.localdomain myhostname ``` ### Network configuration Install `iw` and `wpa_supplicant` for wireless configureation because these packages are not available after fresh install. ### Initramfs Modify to *mkinitcpio.conf* to include: * MODULES="aes_x86_64" * BINARIES="/user/bin/btrfsck" * HOOKS="...... encrypt filesystems ... btrfs" Add the *encrypt* hook before *filesytems* and *btrfs* at the end and remove the *fsck* hook ``` nano /etc/mkinitcpio.conf HOOKS="base udev autodetect modconf block encrypt filesystems keyboard btrfs" ``` Save the file and run ``` mkinitcpio -p linux ``` ### Password 'root' password ``` passwd ``` ### Bootloader Install grub ``` pacman -Syu grub grub-install --target=i386-pc /dev/sda2 ``` Create *grub.cfg* Add encrypted root partition to *GRUB_CMDLINE_LINUX=* in '/etc/default/grub' ``` nano /etc/default/grub GRUB_CMDLINE_LINUX=""crytpdevice=/dev/sda4:cryptroot"" ``` Save the file and generate *grub.cfg* ``` grub-mkconfig -o /boot/grub/grub.cfg ``` Reboot ## Post installation Log in as `root` with the root password from above. ### Configure network Since I was using wireless network ``` ip link set wlp2s0 up iw dev wlp2s0 scan | less wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "SSID" "key") dhcpcd wlp2s0 ``` ### Add user Add your username and password. If 'archie' is the desired username then: ``` useradd -m -G wheel -s /bin/bash archie passwd archie ``` ### Sudo Change the default editor from `visudo` to `nano`. Since the user was already added to the *wheel* group, `sudo` was configured to allow members of the *wheel* group sudo access. ``` EDITOR=nano visudo ``` Uncomment the line ``` %wheel All=(ALL) ALL ``` Logout and then login as *user* with *user password*. Test `sudo` with `pacman` ### Enable Multilib Allows users to run 32-bit applications on 64-bit installation of Arch Linux. Uncomment `[multilib]` section in `/etc/pacman.conf` ``` [multilib] Include = /etc/pacman.d/mirrorlist ``` ### Wayland ``` sudo pacman -Syu weston sudo pacman -S xorg-server-xwayland ``` ### Display manager Use GNOME display manager ``` sudo pacman -S gdm sudo systemctl enable gdm.service ``` ### Install GNOME DE ``` sudo pacman -S gnome gnome-extra ``` ### Mircocode update ``` sudo pacman -S intel-ucode grub-mkconfig -o /boot/grub/grub.cfg ``` ### Network using netctl Create a profile in `/etc/netctl` by copying and editing one of the examples in `/etc/netctl/examples/`. Also to obfuscate wireless passphrase use `wpa_passphrase` to compute the 256-bit PSK. An example from the [netctl](https://wiki.archlinux.org/index.php/Netctl) is given below. For example if the *essid* is *highway* and the *passphrase* is *alongandwindingroad*: ``` wpa_passphrase highway alongandwindingroad ``` The output will be as follows: ``` network={ ssid="highway" #psk="alongandwindingroad" psk=b2faeec84b34a37f95cc4b4e5696d73eccc1821f4ea4f209606850fb90c3d427 } ``` Edit one of the example files as shown below for the example given above and save with an appropriate file name `wireless-wpa_highway` ``` Description='A simple WPA encrypted wireless connection using 256-bit PSK' Interface=wlp2s2 Connection=wireless Security=wpa IP=dhcp ESSID='highway' Key=\"b2faeec84b34a37f95cc4b4e5696d73eccc1821f4ea4f209606850fb90c3d427 ``` Test the created profile ``` sudo netctl start wireless-wpa_highway ``` If everything is working then enable the profile to start at boot. ``` netctl enable wireless-wpa_highway ``` If netctl keeps failing then one of the reasons could be that `dhcpcd.service` is enabled. Disalbe the `dhcpcd.service` as 'netctl' will handle *dhcp* ``` sudo systemctl disable dhcpcd.service ``` ### Others The Grub graphics was not very pleasant. Adjusted the framebuffer resolution in `/etc/default/grub` ``` GRUB_GFXMODE=1280x800x32,auto GRUB_GFXPAYLOAD_LINUX=keep ``` After saving the changes ``` grub-mkconfig -o /boot/grub/grub.cfg ``` Changed Grub theme to [arch-silence](https://aur.archlinux.org/packages/grub2-theme-archlinux/) ### Add and arrange the minimize, maximize and close button in Gnome ``` gsettings set org.gnome.shell.overrides button-layout close,minimize,maximize ``` ### Roaming wireless using netctl This needs verification. * install *wpa_actiond* ``` # pacman -S wpa_actiond ``` * Enable the *interface* ``` sudo systemctl enable netctl-auto@wlp2s0.service ```